6b285c92181460823b4bf487d0d0ba508ac0fe7840b4bbab3e5e2f2b0f47a9d7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

LD5922.js
Size

186KB
Sample

230721-hhcz5sda9t
MD5

efb6197a93fcc1cb31ce4ccc897689d9
SHA1

98efaae4ebc77cbededcf76a0baa2fdd9d6f2c6c
SHA256

6b285c92181460823b4bf487d0d0ba508ac0fe7840b4bbab3e5e2f2b0f47a9d7
SHA512

2d6211b9ff36dc8bc5c38fa1f5a5a6773f014b902d59d1354cee838c4462234134d1d3a8c2db06cced0a054d33f3a2bfbb4b0dca2c39257af0e16686a52fe9ea
SSDEEP

3072:qofCW/GEEowe8OHvdgr6n0Id4rHlbVT4oKz8N78xo2s:qofC0GE9wHuaTM4N7x/

Score

8^/10

Malware Config

Targets

- Target
  
  LD5922.js
- Size
  
  186KB
- MD5
  
  efb6197a93fcc1cb31ce4ccc897689d9
- SHA1
  
  98efaae4ebc77cbededcf76a0baa2fdd9d6f2c6c
- SHA256
  
  6b285c92181460823b4bf487d0d0ba508ac0fe7840b4bbab3e5e2f2b0f47a9d7
- SHA512
  
  2d6211b9ff36dc8bc5c38fa1f5a5a6773f014b902d59d1354cee838c4462234134d1d3a8c2db06cced0a054d33f3a2bfbb4b0dca2c39257af0e16686a52fe9ea
- SSDEEP
  
  3072:qofCW/GEEowe8OHvdgr6n0Id4rHlbVT4oKz8N78xo2s:qofC0GE9wHuaTM4N7x/
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2